Our deployment model is that we create containers on the fly with docker-java-api, some of these containers use heavily rocksdb database. The files of the DB are on the host, like:
ls -lrt /mnt/data/rocksdb
-rw-r--r-- 1 root root 8374 Nov 28 15:32 fileA
-rw-r--r-- 1 root root 0 Nov 28 15:32 fileB
-rw-r--r-- 1 root root 37 Nov 28 15:32 ....
-rw-r--r-- 1 root root 16 Nov 28 15:32 fileC
-rw-r--r-- 1 root root 19646 Nov 28 15:32 ..
-rw-r--r-- 1 root root 22500 Nov 28 15:32 .... etc
/mnt/data/rocksdb
gets mounted onto a container with app that uses the DB heavily.
What I notice is that after starting the container, ownership of the files changes to:
ls -lrnt /mnt/data/rocksdbdata/
total 84092
-rw-r--r-- 1 999 999 8374 Nov 28 15:32 fileA
-rw-r--r-- 1 999 999 0 Nov 28 15:32 LOCK
-rw-r--r-- 1 999 999 37 Nov 28 15:32 fileB
-rw-r--r-- 1 999 999 16 Nov 28 15:32 fileC
-rw-r--r-- 1 999 999 19646 Nov 28 15:32 ...
-rw-r--r-- 1 999 999 22500 Nov 28 15:32 .....etc
User with these UID:GID (999:999) is docker.
Can you tell me why is this happening?
It needs a long explanation. Long story short, docker is changing the mounted file permissions because of access with root permissions.
For more details, please look at this answer;
Docker changes owner of local files mounted as volume